I'm not able to repeat this situation. I have tried different scenarios
using openssl s_client. I get the same log message, the same ciphers etc.
but everything works fine.
The problem is connected (hopefully) with one particular server (owned by
some hosting company) and as I think, compromised user account which is
sending spam messages to auto-generated e-mail addresses.
Thank you,
Mateusz
2018-03-08 12:36 GMT+01:00 Jeremy Harris via Exim-users <exim-users@???
>:
> On 07/03/18 09:19, Mateusz Krawczyk via Exim-users wrote:
> >> Also, please run "exim -d -bV" and give the initial output, down
> >> as far as the "WHITELIST_D_MACROS" line (we're mainly interested in
> >> the library versions).
>
> OK, OpenSSL 1.0.1e. Given the "handling TLS incoming connection"
> status, I'm guessing it's looping around tls_refill(), meaning
> that there's a debug_printf() that should show. Is this a
> situation you can easily repeat? If so, run with debug
> enabled (either from cmdline or enabled by ACL - which means
> you can target a known connection source) to verify my guess.
>
> The loop, if present, would imply that the errorhandling is
> wrong in that routine. I'd have thought that a zero syscall
> read() return (as seen in your strace) would result in
> some non-SSL_ERROR_NONE return from SSL_read() but...
> --
> Cheers,
> Jeremy
>
> --
> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/
>